Communications between client components and a vCenter Server system or ESXi hosts are protected by SSL-based encryption by default. Linux versions of these components do not perform certificate validation. Consider restricting the use of these clients.
Even if you have replaced the VMCA-signed certificates on the vCenter Server system and the ESXi hosts with certificates that are signed by a third-party CA, certain communications with Linux clients are still vulnerable to man-in-the-middle attacks. The following components are vulnerable when they run on the Linux operating system.
vSphere SDK for Perl scripts
Programs written using the vSphere Web Services SDK
You can relax the restriction against using Linux clients if you enforce proper controls.
Restrict management network access to authorized systems only.
Use firewalls to ensure that only authorized hosts are allowed to access vCenter Server.
Use jump-box systems to ensure that Linux clients are behind the jump box.
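One way to check that the controls above are holding, as an added example that is not part of the VMware documentation: it audits flow records toward vCenter Server and flags sources outside the authorized management network, as well as non-validating Linux clients that connect directly instead of through the jump box. All addresses, the `src dst dport` record format, and every name in the code are constructed assumptions.

```python
import ipaddress

# Constructed values (assumptions for illustration, not from the documentation).
VCENTER = ipaddress.ip_address("10.0.0.10")
AUTHORIZED_NETS = [ipaddress.ip_network("10.0.50.0/28")]  # management network
JUMP_BOXES = {ipaddress.ip_address("10.0.50.5")}
# Linux hosts known to run vSphere SDK for Perl scripts or Web Services SDK programs.
LINUX_SDK_CLIENTS = {ipaddress.ip_address("10.0.50.9"),
                     ipaddress.ip_address("10.0.60.20")}

# Constructed flow records, one per line: "src dst dport".
SAMPLE_FLOWS = """\
10.0.50.3 10.0.0.10 443
10.0.50.5 10.0.0.10 443
10.0.50.9 10.0.0.10 443
10.0.60.20 10.0.0.10 443
192.168.7.14 10.0.0.10 443
10.0.60.20 10.0.50.5 22
not-a-record
"""

def audit_flows(text):
    """Return (line_number, finding) for each flow that violates the controls."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        try:
            src = ipaddress.ip_address(parts[0])
            dst = ipaddress.ip_address(parts[1])
            int(parts[2])  # port must be numeric; any port on vCenter is audited
        except (IndexError, ValueError):
            findings.append((n, "malformed-record"))
            continue
        if dst != VCENTER:
            continue  # only traffic addressed to vCenter Server is in scope
        if not any(src in net for net in AUTHORIZED_NETS):
            # Firewall / management-network restriction is not being enforced.
            findings.append((n, "unauthorized-source"))
        elif src in LINUX_SDK_CLIENTS and src not in JUMP_BOXES:
            # Non-validating Linux client reached vCenter without the jump box.
            findings.append((n, "linux-client-bypasses-jump-box"))
    return findings

if __name__ == "__main__":
    for line_no, finding in audit_flows(SAMPLE_FLOWS):
        print(f"line {line_no}: {finding}")
```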